Header$type=social_icons

Google Play Security Reward Program - Get A Chance To Win 1000 $

Google announced about Google Play Security Reward Program.Google will reward the security researchers who find vocabulary in - scope applications.

Google is giving a great chance to win 1000 $ for security experts through bounty program by finding security flaws in Android apps . On 19 October 2017 , Thursday Google make announcement about a bug bounty program named the “Google Play Security Reward Program”. According to this program Google will give a reward of 1000 $ to security expert who find security flaws in Android apps and then report it to Google researchers.

As Google and large application developers always take care about security of their users and try to provide a scure , safe and most comfortable users experience . Google Play Security Reward Program is running by Google to make applications those are listed on play store more secure and safe . And through the security reward program google trying to make all applications free to all vocabularies , malicious softwares , hacking and pushing etc.

For running security reward program google has partnership with HackerOne which is a website that manage bounty program's . HackerOne with creat a list of all application and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus. In the list all applications those are developed by many developers will included and in the list , the applications those are developed by google will also included .

The launch partners for this bug bounty are Alibaba, Dropbox, Duolingo, Headspace, Line, Mail.ru, Snapchat, and Tinder, with more to come in the future if the program proves to be successful .

All the applications developers participating in into the program must have their own coordinated disclosure program in place, Security researcher will rewarded by Google Play Security Reward Program only after the vulnerability is made public by the participating company. Once the vulnerability is publicized, the discoverer will have 90 days to apply for the additional reward from Google. As the bug bounty is there purely to provide an additional bonus payment over and above what is offered by each participating company, the bug bounty currently only has one payment tier; $1,000 for remote code execution.

In the official page of Google Play Security Reward Program Google published that ," The Google Play Security Reward Program recognizes the contributions of security researchers who invest their time and effort in helping us make apps on Google Play more secure. All Google’s apps are included and developers of popular Android apps are invited to opt-in to the program. Interested developers who aren’t currently in the program should discuss it with their Google Play partner manager. Through the program, we will further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem. " .

Procedure To Claim Reward From Google :-

Google clearly announced that google will not work directly with researcher for reward program to claim the reward user must have to indetify the vocabulary on the in - scope application . After indetifying vocabulary in application researcher must report about vocabulary to developer if that application then the developer and researcher will work together to resolve the identified vocabulary . After resolving the vocabulary issue the researcher can contact google to claim the reward . The Play Security Reward Program will evaluate each submission based on the above Vulnerability Criteria and reward accordingly. A reward of $1000 will be rewarded for issues that meet this criteria. Any and all reward decisions are ultimately at the discretion of the Google Play Security Reward Program. In the future, other vulnerabilities may be introduced into scope.